Microsoft's Digital Crime Unit busy catching cyber thugs in India

Microsoft, that invests more than a billion dollars a year in security research, innovation and development, reached out to 126 organisations in India last year.

In a significant operation earlier this month, the cyber cell of Delhi Police arrested 24 people who posed as Microsoft tech support staff and duped several US citizens.

This could not have been possible without the the real-time monitoring of cyber crimes by Microsoft's Digital Crime Unit (DCU) in Redmond that is using Cloud, Big Data, Machine Learning (ML) and Business Intelligence (BI) to improve the security of its products and services, protect vulnerable populations, fight malware, and reduce digital risks.

The real-time data analytics and sharing of key inputs with relevant law enforcement agencies helped bust 10 companies that were illegally running call centres at various places in Delhi that targeted Microsoft Windows users.

"It was real-time monitoring that helped us crack the Delhi gang behind the large-scale tech support fraud. The whole operation has been encouraging in our fight against cyber crimes," said Shilpa Bratt, Director (Shared Services) of Digital Crimes Unit.

"We worked closely with our DCU staff in India and Singapore to nail the culprits. I believe there are more such cyber criminals out there and we will up the ante against their sinister plans," Bratt added.

The cyber criminals impersonated as Microsoft tech support staff after they managed to fraudulently pop up messages on users' screens that their systems had been affected by malware.

In order to fix the systems, they charged any sum between $100 and $500 from the victims.

According to the Delhi police, incriminating evidence in the form of cheques from customers in the name of Microsoft Tech support, call recordings, virtual dialers, Microsoft Tech support training material, call log transcripts detailing the conversation with victims of fraud, payment gateway records and servers were seized.

According to a Microsoft survey released this month, 68 per cent users in India experienced tech support scams in the past year and some of them (14 per cent) even lost money.

The problem is not limited to India alsone. Tech support scams are a problem worldwide, with three out of five people globally having experienced one in the past year and one in five losing money to fraudsters, according to the "Tech Support Scam Survey 2018" released by DCU.

In 2014, the DCU filed a civil lawsuit in federal court in the central district of California against some companies and related entities in India for unfair and deceptive business practices and trademark infringement.

According to the lawsuit, 3.3 million Americans fall victim to technical support scams annually, losing $1.5 billion.

The scammers claim to find non-existent computer viruses and infections, and then con people out of their hard-earned money for bogus tech support, in addition to stealing personal and financial information or even installing new malicious software.

"At DCU, we are constantly monitoring such scammers. The fight against them will only intensify in days to come," Bratt noted.

In the last two days, informed Bratt, over 2 billion connected devices were affected with active threats globally and India was at the second spot after Vietnam in the top affected countries.

The data was generated by Microsoft's real-time "Threat Monitor".

The DCU - with 22 employees at its Redmond headquarters and 60 overall at 30 offices globally including in India -- is working round-the-clock to intercept, analyse and mitigate threats, thus creating a road-map for various industry stakeholders globally to plan relevant actions.

In total, a team of 3,500 professionals at Microsoft is looking at security, built into the company's products and services, using frameworks such as the security development lifecycle and operational security assurance.

Microsoft's Cybersecurity Engagement Centre in New Delhi is already empowering organisations with information and techniques to secure critical information infrastructure and help reduce malware and digital risk.

Microsoft, that invests more than a billion dollars a year in security research, innovation and development, reached out to 126 organisations in India last year.

"Our big worry is attacks from nation-state actors as law enforcement is challenged by borders. The cross-border nature of cyber crime has created safe havens for bad actors. We need a stronger global security law to deal with such situations which are increasing by the day," Bratt emphasised.